Ransomware
What is Ransomware?
Ransomware is a type of malicious software, or malware, that prevents you from accessing your computer files, systems, or networks and demands you pay a ransom for their return. Ransomware attacks can cause costly disruptions to operations and the loss of critical information and data.
You can unknowingly download ransomware onto a computer by opening an email attachment, clicking an ad, following a link, or even visiting a website that's embedded with malware.
Once the code is loaded on a computer, it will lock access to the computer itself or data and files stored there. More menacing versions can encrypt files and folders on local drives, attached drives, and even networked computers.
Most of the time, you don’t know your computer has been infected. You usually discover it when you can no longer access your data or you see computer messages letting you know about the attack and demanding ransom payments.
For the latest information on ransomware variants and campaigns, please see our Industry Alerts.
Tips to Avoid Ransomware
- Keep operating systems, software, and applications current and up to date.
- Make sure anti-virus and anti-malware solutions are set to automatically update and run regular scans.
- Back up data regularly and double-check that those backups were completed.
- Secure your backups. Make sure they are not connected to the computers and networks they are backing up.
- Create a continuity plan in case your business or organization is the victim of a ransomware attack.
What to do in case of a Ransomware incident
-
How to Respond
The FBI does not support paying a ransom in response to a ransomware attack. Paying a ransom doesn't guarantee you or your organization will get any data back. It also encourages perpetrators to target more victims and offers an incentive for others to get involved in this type of illegal activity.
-
File a Complaint
File a detailed complaint at www.ic3.gov. It is vital the complaint contain all required data in provided fields, including the Ransomware variant name (if known); file extension of the encrypted file(s); cryptocurrency type and address; email address utilized by attackers; website(s) / URL(s) provided by attackers; ransom demand amount; whether the ransom was paid and if so, the amount paid.
-
Stay Informed
For the Latest information on ransomware variants and campaigns, please see our Industry Alerts.